From 1b86921f218a79b9bcab7c452004e63086e414e2 Mon Sep 17 00:00:00 2001
From: Neil Williams <codehelp@debian.org>
Date: Tue, 25 Jan 2022 11:32:06 +0000
Subject: Process some NFUs

---
 data/CVE/list.2021 | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 494f4bf4ad..4efc4880cb 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -57042,7 +57042,7 @@ CVE-2021-23246
 CVE-2021-23245
 	RESERVED
 CVE-2021-23244 (ColorOS pregrant dangerous permissions to apps which are listed in a w ...)
-	TODO: check
+	NOT-FOR-US: OPPO Android Phone
 CVE-2021-23243 (In Oppo's battery application, the third-party SDK provides the functi ...)
 	NOT-FOR-US: OPPO Android Phone
 CVE-2021-3112
@@ -58535,11 +58535,12 @@ CVE-2021-22569 (An issue in protobuf-java allowed the interleaving of com.google
 	NOTE: https://cloud.google.com/support/bulletins#gcp-2022-001
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 (unclear, might be bogus)
 CVE-2021-22568 (When using the dart pub publish command to publish a package to a thir ...)
-	TODO: check
+	NOT-FOR-US: Dart language
 CVE-2021-22567 (Bidirectional Unicode text can be interpreted and compiled differently ...)
-	TODO: check
+	NOT-FOR-US: Dart language (different from src:dart)
+	NOTE: https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41
 CVE-2021-22566 (An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead  ...)
-	TODO: check
+	NOT-FOR-US: Google fuchsia
 CVE-2021-22565 (An attacker could prematurely expire a verification code, making it un ...)
 	NOT-FOR-US: Google reference COVID19 exposure verification component
 	NOTE: https://github.com/google/exposure-notifications-verification-server
-- 
cgit v1.2.3